CVE-2005-3679
ActiveCampaign 1-2-All Broadcast Email - SQL Injection via Admin Control Panel Username Field
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-3679. PoCs published by bhs_team.
AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in ActiveCampaign 1-2-All Broadcast Email. By injecting a malformed username, an attacker can bypass authentication and gain unauthorized access to the admin interface.
Description
SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username field in the admin control panel.
Exploits (1)
This exploit demonstrates an SQL injection vulnerability in ActiveCampaign 1-2-All Broadcast Email. By injecting a malformed username, an attacker can bypass authentication and gain unauthorized access to the admin interface.